Home » Technology » Security Transformation » Reducing Risk of cyber security
“We won’t even blink at a $100,000 case,” says Matt Lavigna, Interim President and CEO of NCFTA, speaking at the Money20/20 conference in Las Vegas.
The good news is that “you don’t have to transform into a Jedi to oppose the threats in the hidden fortress that is the internet” or so said Richard Cassidy at Alert Logic.
That is good news, but then again, some of the threats posed to cyber security may feel like the digital equivalent of a Sith lord.
According to NJR’s cyber security report: ‘how real is the threat and how can you reduce your risk’: “Staff are a significant risk to their employer’s cyber security.” Their research found that “23 per cent of employees use the same password for different work applications and 17 per cent write down their passwords, 16 per cent work while connected to public Wi-fi networks and 15 per cent access social media sites at their work.”
And yet, the same research found that of those same employees “just over 50 per cent have experienced a cyber scam in the last twelve months. 29 per cent have received a fake email from PayPal, Apple or a bank, 12 per cent have been targeted by a Facebook scam and seven per cent have clicked a link that put a virus on a PC. A further 17 per cent of respondents have received scam emails that looked like they were sent by a friend, and 16 per cent have been telephoned by someone about a ‘problem’ with their PC.”
Returning to Alert Logic’s Richard Cassidy, he said, to reduce exposure “Just encourage your employees to follow . . . straightforward and simple tips to make life harder for hackers and keep you secure.”
And what are these tips:
Graham Oates, Chief Executive of Norrie Johnston Recruitment, comments: “It appears that people are bombarded by potential cyber threats in their private lives and are quite savvy about how to avoid them. Yet when it comes to a work situation they don’t realise that they still need to be security aware. As a result, they are making their employers vulnerable to attack.”
So, what else can you do?
For one thing, assess risk, regularly – this is the digital equivalent of a health and safety report.
For another thing, have a cyber security policy that is written down, and which relevant people are familiar with.
Also, use the right cybersecurity software.
Make sure staff are trained on security risks and what they must do.
And finally, look at insurance policies that can cover you if all else fails.